<?php
class User
{
	/**
	 * error msg
	 *
	 * @access public
	 * @var string
	 */
	public $error = '';
		
	/**
	 * reg status
	 *
	 * @var int
	 */
	protected $registerStatus    =  0;

	/**
	 * constructor
	 *
	 */
	function __construct()
	{
	}

	/**
	 * set error message
	 *
	 * @access protected
	 * @param string $error
	 */
	protected function setErrorMessage($error)
	{
		$this->error = $error;
	}

	/**
	 * user login chk
	 *
	 * @param string $user
	 * @param string $pass
	 * @param string $isuid
	 * @return uid / false
	 */
	public function chklogin($user, $pass, $isuid = false)
	{
		if(!$isuid)
			$condition = '`user_email`=\''.$user.'\'';
		else
			$condition = '`user_uid`='.$user;

		//$pass = md5(md5($pass));
		$queryChklogin = <<<QUERY
SELECT 
`user_uid` 
FROM 
`{$GLOBALS['cfg']['database']['TablePrefix']}user` 
WHERE 
{$condition} 
AND 
`user_password`='{$pass}'
LIMIT 1;
QUERY;
		if (!($resultChklogin = $GLOBALS['db']->query($queryChklogin)))
		{
			$this->setErrorMessage($GLOBALS['db']->error);
			return FALSE;
		}
		//login chk

		if ($resultChklogin->num_rows != 1) //no user found
		{
			$this->setErrorMessage('auth failed');
			return FALSE;
		}
		else
		{
			$row = $resultChklogin->fetch_assoc();
			return $row["user_uid"];
		}
	}

	/**
	 * logout
	 *
	 * @return boolean
	 */
	public function logout()
	{
		session_destroy();
		setcookie(session_name(), '', time()-3600);
		return TRUE;
	}

	/**
	 * user register
	 *
	 * @param array $arrUserInfo
	 * @return boolean
	 */
	public function register($arrUserInfo)
	{
		//whether opening register
		if ($GLOBALS['cfg']['system']['RegisterStatus']!=0)
		{
			$this->setErrorMessage('register closed');
			return FALSE;
		}

		if (!filterCheck('email', $arrUserInfo['user_email']))
		{
			$this->setErrorMessage('email invalid');
			return FALSE;
		}
		else if (!filterCheck('password', $arrUserInfo['user_password']))
		{
			$this->setErrorMessage('password invalid');
			return FALSE;
		}
		else
		{
			if ($this->checkExistUser($arrUserInfo['user_username']))
			{
				$this->setErrorMessage('User exists');
				return FALSE;
			}
			else
			{
				$setString  = 'SET ';
				$setString .= '`user_email`=\''.$arrUserInfo['user_email'].'\', ';
				$setString .= '`user_username`=\''.$arrUserInfo['user_username'].'\', ';
				$setString .= '`user_password`=\''.md5(md5($arrUserInfo['user_password'])).'\', ';
				$setString .= '`user_truename`=\''.$arrUserInfo['user_truename'].'\', ';				
				$setString .= '`user_regtime`=\''.date('Y-m-d H:i:s').'\', ';
				$setString .= '`user_university`=\''.$arrUserInfo['user_university'].'\', ';	
				$setString .= '`user_tags`=\''.$arrUserInfo['user_tags'].'\', ';	
				$query = <<<QUERY
INSERT INTO 
`{$GLOBALS['cfg']['database']['TablePrefix']}user` 
{$setString};
QUERY;

				if (!$GLOBALS['db']->query($query))
				{
					$this->setErrorMessage($GLOBALS['db']->error);
					return FALSE;
				}
				else
				{
					return $GLOBALS['db']->insert_id;
				}
			}
		}
	}

	/**
	 * 
	 *
	 * @param string $username
	 * @return boolean
	 */
	public function checkExistUser($email)
	{
		if (!filterCheck('email', $email))
		{
			$this->setErrorMessage('Invalid username.');
			return true;
		}

		$queryCheckExistUser = <<<QUERY
SELECT 
* 
FROM 
`{$GLOBALS['cfg']['database']['TablePrefix']}user` 
WHERE 
`user_email`='{$email}';
QUERY;

		if (!($resultCheckExistUser = $GLOBALS['db']->query($queryCheckExistUser)))
		{
			$this->setErrorMessage($GLOBALS['db']->error);
			return FALSE;
		}
		else
		{
			if($resultCheckExistUser->num_rows != 0) 
			{				
				return true;
			}
			return false;
		}
	}

}


?>
